aboutsummaryrefslogtreecommitdiff
path: root/README.md
blob: 61e23c7d779e885eda790fa0247d5a43be257826 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

# Readme for update-ipasam-rpm

## Overview
Update-ipasam-rpm is a project that facilitates building a custom rpm with just the one file that samba needs to authenticate users to ipa.

## Update-ipasam-rpm upstream
[This repository](https://gitlab.com/bgstack15/ipasam/) is upstream. This is original work.

## Reason for existing
The proper `ipa-server-trust-ad` rpm has a large number of dependencies which are not necessary merely when using samba with ipa user authentication, so this project copies that file out and builds a small rpm just for the one file. This makes my samba file server need fewer packages installed.

## Alternatives
Install `ipa-server-trust-ad` with all of its dependencies, which is way more than I want to use when I just need ipasam.so.

## Dependencies
For any rpm-based system, but primarily AlmaLinux 8, the server that runs the cron job needs a few things:

* Http/s access to a package mirror
* Https access to [copr](https://copr.fedorainfracloud.org/) to initiate builds
* Https access to [gitlab](https://gitlab.com/bgstack15/ipasam/) to pull ipasam.spec template
* Packages: `copr-cli`, `rpmbuild`
* Unprivileged user, shown in this documentation as username `copruser`

The copr api can be used with a copr user with a generated api key ([Reference 1](https://copr.fedorainfracloud.org/api/)).

## Files in the project

* `~copruser/.config/copr`
* `~copruser/.config/ipasam`
* `~copruser/bin/update-ipasam-rpm.sh`
* `/etc/cron/70_ipasam_cron`
* `~copruser/.cache/ipasam.spec` (generated by modifying spec from this repo)
* `~copruser/.cache/ipa-server-trust-ad.ver` (generated)
* `~copruser/rpmbuild/SRPMS/iapsam*.srpm` (generated)

## Usage

* Create user `copruser` or other unprivileged user as desired. 
* Deploy the non-generated files from this repository to the above locations and inspect the config files.
* Prepare a user on the [copr](https://copr.fedorainfracloud.org/) and generate an api key and place in file `~copruser/.config/copr`. 
* Run the command manually to see it operate.

    ~/bin/update-ipasam-rpm.sh

* Visit your copr project to see the ipasam rpm that you built!

## Differences from upstream
N/A

## References
1. [COPR API introduction](https://copr.fedorainfracloud.org/api/)
bgstack15